Analysis of Remote Access Trojan Attack using Android Debug Bridge

Keywords

Remote Access Trojan
Android
Exploit
Ghost Framework
ADB

How to Cite

Aprilliansyah, D., Riadi, I., & Sunardi. (2022). Analysis of Remote Access Trojan Attack using Android Debug Bridge. IJID (International Journal on Informatics for Development), 10(2), 102–111. https://doi.org/10.14421/ijid.2021.2839

Abstract

Security holes in the Android operating system, such as malware and exploitation by third parties for remote access, sometimes go unnoticed by users. This study was conducted to identify vulnerabilities of the Android operating system using the Ghost Framework. Vulnerabilities of the Android smartphone were found using the Android Debug Bridge (ADB) with the exploitation method, and the test results were analyzed to identify remote access Trojan attacks. The exploitation method was carried out in several steps, from preparing the tools and connecting, to issuing the testing commands to the testing device. The results show that Android version 9 can be remotely accessed by entering the exploit via ADB. Third parties obtained some information and could enter and change the contents of the system directory, acting remotely like an authorized user to perform any activity on the device, such as opening the lock screen, entering the system directory, changing the system, etc.


Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.